Digital defence - keep your business safe online

Online security is an increasingly important concern for businesses of
every size.

While big corporations can spend huge sums to protect themselves, small
firms find themselves faced with significant threats, but armed with
limited resources with which to fight them.

Thankfully, though, there are a few simple steps you can take to help
ensure your business stays safe in a difficult digital world. Read about
some of the main risk areas, and what they mean for your business.

Banking

Online banking is the area in which security concerns are highest. The
prospect of having your bank account compromised is a terrifying one –
but it is also a worryingly common occurrence. The rise of so-called
‘phishing’ attacks, in which users are tricked into handing over their
details, has meant that many more business owners are falling victim to
online banking fraud.

Look for the padlock. Only entrust your details to encrypted
sites. Look for the padlock in your browser address bar to make sure
you’re on the right site.

Don’t fall for phishing. Banks will never ask for personal
details by email. If you receive a suspect message, forward it to your
bank’s anti-fraud department.

Install an antivirus. Spyware poses a big threat when it comes to
online banking. Make sure that your antivirus software is up to date.

Privacy

Privacy is a major worry for many internet users, both commercial and
consumer. Virtually every website you use knows something about you, and
many want to store information on your computer for future use.
Separately, social networking sites like Facebook are becoming ever more
intrusive, requesting more and more information with each new version.

Check your permissions. Use MyPermissions
to control which bits of information social networking sites can access.

Understand cookies. Cookies are tiny files stored on your
computer, which can be used for a range of reasons. Make sure you
understand which cookies you are approving, and what they are doing.

Networks

Your own networks are also vulnerable to compromise. This doesn’t
necessarily mean secret agents clambering into your office, Mission
Impossible-style (although you might want to make sure your windows are
secure just in case). With a rise in the number of people working
remotely, and a steep increase in the amount of data being transferred
every day, secure company networks are becoming increasingly important.

Build a firewall. An enterprise-strength firewall is an absolute
necessity for any business network. Consider taking professional advice
to make sure your needs are met.

Reputation management

The internet has opened up a world of possibilities for businesses – but
it has also meant a brand new set of risks. Reputations can be ruined in
hours online, and businesses of every size need to be alert to the risks
and ready to protect themselves.

Build an employee policy. Write a comprehensive policy setting
out acceptable social media use by your employees. It should explain how
social media is to be used in the business, and which employees are
authorised to speak on your behalf. Read more about building a social
media policy.

Be prepared to talk. Remember that social media is a
conversation. If you encounter negative feedback, don’t ignore it –
engage.

'Real-world' security

Finally, we were only half joking when we warned you about keeping your
windows shut. While you’re unlikely to fall prey to secret agents, it is
vitally important that you remember physical, as well as digital
security.

Protect your servers. If you have your servers onsite, make sure
that they are properly protected from theft, fire, and flood. If they’re
offsite, make sure that you review your chosen provider’s safety
policies regularly.

Make offsite backups. Backing up is vital – but it is equally
important that your backups are kept away from the original data. You
might choose to investigate cloud solutions to help you with this.

Limit access. Make sure that you operate on a ‘need-to’ basis.
Access to data and equipment should be limited to those individuals who
require it if you are to minimise risks.